[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] Update to minilzo-2.08

From: Javier Martinez Canillas
Subject: Re: [PATCH] Update to minilzo-2.08
Date: Tue, 22 Oct 2019 10:18:39 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.0

Hello Daniel,

On 10/21/19 4:48 PM, Daniel Kiper wrote:
> On Fri, Oct 18, 2019 at 02:45:13PM +0200, Javier Martinez Canillas wrote:
>> From: Peter Jones <address@hidden>
>> This fixes CVE-2014-4607 - lzo: lzo1x_decompress_safe() integer overflow
>> Resolves:
> OK but I would like to know how did you come up with that patch.
> Please describe the process in docs/grub-dev.texi. Good example is
> in commit 35b909062 (gnulib: Upgrade Gnulib and switch to bootstrap
> tool). You can also look at commit 461f1d8af (zstd: Import upstream
> zstd-1.3.6).

Fair enough. I'll do that in v2.
> Daniel

Best regards,
Javier Martinez Canillas
Software Engineer - Desktop Hardware Enablement
Red Hat

reply via email to

[Prev in Thread] Current Thread [Next in Thread]